Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
243261 7.8 危険 Invision Power Services, Inc - IP.Board の sources/action_public/xmlout.php におけるユーザプロフィールデータを変更される脆弱性 - CVE-2007-3219 2012-09-25 16:47 2007-06-11 Show GitHub Exploit DB Packet Storm
243262 4.3 警告 php live - PHP Live! の request.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3218 2012-09-25 16:47 2007-06-14 Show GitHub Exploit DB Packet Storm
243263 7.8 危険 nongnu - Mail Notification における重要な情報を取得される脆弱性 - CVE-2007-3209 2012-09-25 16:47 2007-06-9 Show GitHub Exploit DB Packet Storm
243264 7.1 危険 Novell - Novell NetWare の NFS マウントデーモンにおけるバッファオーバーフローの脆弱性 - CVE-2007-3207 2012-09-25 16:47 2007-06-13 Show GitHub Exploit DB Packet Storm
243265 5 警告 The PHP Group
hardened-php project		 - PHP などの製品で使用される parse_str 関数における任意の変数を上書きされる脆弱性 - CVE-2007-3205 2012-09-25 16:47 2007-06-13 Show GitHub Exploit DB Packet Storm
243266 7.5 危険 jffnms - JFFNMS の auth.php における SQL インジェクションの脆弱性 - CVE-2007-3204 2012-09-25 16:47 2007-06-12 Show GitHub Exploit DB Packet Storm
243267 4.9 警告 Novell - NetWare 用の NMAS における管理ユーザ名などを取得される脆弱性 - CVE-2007-3200 2012-09-25 16:47 2007-06-12 Show GitHub Exploit DB Packet Storm
243268 4.3 警告 maran - Maran Blog の comments.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-3198 2012-09-25 16:47 2007-06-12 Show GitHub Exploit DB Packet Storm
243269 7.5 危険 vBulletin Solutions, Inc. - vBSupport の vBSupport.php における SQL インジェクションの脆弱性 - CVE-2007-3197 2012-09-25 16:47 2007-06-11 Show GitHub Exploit DB Packet Storm
243270 7.5 危険 vBulletin Solutions, Inc. - vSupport Integrated Ticket System の vBSupport.php における SQL インジェクションの脆弱性 - CVE-2007-3196 2012-09-25 16:47 2007-06-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2021 8.2 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, A vulnerability exists in the optional LZ4 decompression path used by MessagePack compression modes Lz4Block and Lz4… CWE-20
 Improper Input Validation  		CVE-2026-48109 2026-06-24 02:25 2026-06-23 Show GitHub Exploit DB Packet Storm
2022 7.5 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.ReadDateTime() can allocate stack memory based on an attacker-controlled MessagePack extension len… CWE-125
CWE-190
CWE-407
CWE-409
CWE-470
CWE-502
CWE-674
CWE-789
CWE-1188
Out-of-bounds Read
 Integer Overflow or Wraparound
 Inefficient Algorithmic Complexity
 Improper Handling of Highly Compressed Data (Data Amplification)
Unsafe Reflection
 Deserialization of Untrusted Data
 Uncontrolled Recursion
 Memory Allocation with Excessive Size Value
 Insecure Default Initialization of Resource 		CVE-2026-48502 2026-06-24 02:25 2026-06-23 Show GitHub Exploit DB Packet Storm
2023 7.5 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip() recursively descends into nested arrays and maps without incrementing the reader depth o… CWE-674
 Uncontrolled Recursion 		CVE-2026-48506 2026-06-24 02:24 2026-06-23 Show GitHub Exploit DB Packet Storm
2024 8.1 HIGH
Network 		- - piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run() paths read the filename option via plain member access. Both reads fall through… CWE-94
CWE-1321
Code Injection
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2026-55388 2026-06-24 02:17 2026-06-23 Show GitHub Exploit DB Packet Storm
2025 6.1 MEDIUM
Network 		astro astro Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and passes them directly to addAttribute, which interpolate… CWE-79
Cross-site Scripting 		CVE-2026-54298 2026-06-24 02:17 2026-06-23 Show GitHub Exploit DB Packet Storm
2026 - - - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. This… CWE-200
CWE-522
Information Exposure
 Insufficiently Protected Credentials 		CVE-2026-54276 2026-06-24 02:17 2026-06-23 Show GitHub Exploit DB Packet Storm
2027 - - - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerabilit… CWE-524
 Use of Cache Containing Sensitive Information 		CVE-2026-50170 2026-06-24 02:17 2026-06-23 Show GitHub Exploit DB Packet Storm
2028 6.9 MEDIUM
Local 		libexpat_project libexpat libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse. CWE-190
 Integer Overflow or Wraparound 		CVE-2026-56406 2026-06-24 01:29 2026-06-22 Show GitHub Exploit DB Packet Storm
2029 6.9 MEDIUM
Local 		libexpat_project libexpat libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen. CWE-190
 Integer Overflow or Wraparound 		CVE-2026-56407 2026-06-24 01:28 2026-06-22 Show GitHub Exploit DB Packet Storm
2030 6.9 MEDIUM
Local 		libexpat_project libexpat libexpat before 2.8.2 has an integer overflow in copyString. CWE-190
 Integer Overflow or Wraparound 		CVE-2026-56408 2026-06-24 01:27 2026-06-22 Show GitHub Exploit DB Packet Storm